BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Hikvision IP Cameras Multiple Vulnerabilities

Disclosed August 6, 2013    Zeroday : 442 days

Vulnerability Description:

These vulnerabilities allow an attacker to use a non-admin account to gain the admin password (CVE-2013-4975), use hard-coded credentials to log into the system (CVE-2013-4976), and execute arbitrary code by exploiting a buffer overflow (CVE-2013-4977).

Vendors:

Hikvision

Vulnerable Software/Devices:

Hikvision IP camera DS-2CD7153-E

Vulnerability Severity:

High

Exploit Availability:

Publicly Available

Exploit Impact:

Elevation of Privilege, Remote Code Execution, Security Bypass
Elevation of Privilege via Information Disclosure (CVE-2013-4975)
Exploitation of this vulnerability will grant an attacker access to sensitive information, such as plaintext usernames, passwords, etc. These can be used by the remote attacker to elevate their privileges to one of the revealed user accounts.

Security Bypass via Hardcoded Credential (CVE-2013-4976)
This vulnerability allows an attacker to bypass certain security restrictions on the system, allowing the attacker to gain unauthorized access to the system.

Remote Code Execution (CVE-2013-4977)
Exploitation of this vulnerability is possible by forming a malicious request and sending it to the affected server. Remote attackers who successfully exploit this vulnerability will be able to execute arbitrary code on the vulnerable system.

BeyondTrust Prevention and Detection:

 

Mitigation:

  • Do not make the camera publicly accessible, unless required.
  • Filter HTTP requests to /PSIA/System/ConfigurationData.
  • Filter the Range parameter in RTSP requests.

Links:

CVE(s):